Pegasus Spyware Resurfaces with Newly Revealed Zero-Click Vulnerability

On September 13, The Citizen Lab revealed new research surrounding the Pegasus spyware campaign, presenting further details around their discovery of a zero-click vulnerability targeting Apple devices across the entire endpoint ecosystem.

In response to the disclosure, Apple has released security updates for all of its devices, from mobile to desktop. With Zimperium’s machine learning detection of exploits like Pegasus, Zimperium customers were protected even before the disclosure.

The zero-click vulnerability, part of the set of vulnerabilities nicknamed ForcedEntry, takes advantage of how iMessage renders images, essentially opening the file without any interaction from the user. This is similar to the Stagefright vulnerability discovered by Zimperium in 2015. Attackers can take advantage of this exploit to deliver a malicious PDF to target victims and remotely infect devices with spyware. The information from The Citizen Lab also shows this vector of attack has been active since February of this year.

This vulnerability, like others discovered throughout the mobile ecosystems, continues to highlight these always-connected devices as high-value targets, packed full of personal, private, and critical information. And as the lines continue to blur between mobile and traditional devices with information shared between systems in unison, it is as imperative as ever to have a robust, advanced security solution covering all devices.

Zimperium urges all users to update their Apple devices to the latest versions. Apple has released iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and a security update for macOS Catalina to address this recent vulnerability (CVE-2021-30860).

Spyware Like Pegasus vs. Zimperium

Zimperium zIPS customers remain protected against Pegasus with our zero-day, on-device z9 Mobile Threat Defense machine learning engine. There are no signatures for advanced spyware like Pegasus, and therefore defenses must be based on machine learning.

The Zimperium zLabs team has conducted a technical analysis of the research provided, showing that the zIPS mobile threat defense solution detects and protects mobile customers in real time from exploitation of the device, without any updates.

Zimperium is here to help all enterprises, whether current customers or not. Please contact us today to learn more and ensure your mobile devices are protected.

About Zimperium

Zimperium, the global leader in mobile security, offers the only real-time, on-device, machine learning-based protection against Android, iOS, and Chromebook threats. Powered by z9, Zimperium provides protection against device, network, phishing, and malicious app attacks. For more information or to schedule a demo, contact us today.

Richard Melick
Mobile Threat Intelligence